Synology directory server unable to connect to ldap from nextcloud

I'm using Synology as Active Directory server

Nextcloud version (eg, 18.0.3.0):
Docker Official Images:latest

When I click on Detect port, it does pull the port number 389

user: CN=install,OU=Staff,DC=mylocaldomain,DC=local

Base DB: OU=Staff,DC=mylocaldomain,DC=local

The issue you are facing:

Test Base DN
The output of your Nextcloud log in Admin > Logging:

Warning	user_ldap	Configuration Error (prefix s01): login filter does not contain %uid place holder.	
2020-04-14T11:44:09-0700
Warning	user_ldap	Configuration Error (prefix s01): No LDAP Login Filter given!	
2020-04-14T11:44:09-0700

Detect Base DN

The output of your Nextcloud log in Admin > Logging:

Warning	user_ldap	Configuration Error (prefix s01): login filter does not contain %uid place holder.	
2020-04-14T11:47:14-0700
Warning	user_ldap	Configuration Error (prefix s01): No LDAP Login Filter given!	
2020-04-14T11:47:14-0700

I used LdapAdmin to test my testing and it does look like it's working. Can someone please help me?

With Synology LDAP Server, this almost works out of the box…
I’ve been searching for a solution with Synology Directory Server, and I finally got it to work…

Now I’m putting details and pieces together, if anyone is interested in this…


Hi @FraZon

Would be nice to know, how you solved this. I am struggling as well.

Hey Johnshaft,
sorry for the late reply.
I got it to work using this guide:
https://www.virtualease.fr/nextcloud-authentication-active-directory-sso-via-adfs-saml/
(yep, it’s in French, but the important parts are pictures and language independent)


still got my old note, maybe these help as well:

requirements:
Active Directory Server: 192.168.20.10
DOMAIN: gaul.lan
Group: G_Nextcloud
User: nextcloudpi
Password: P@ssw0rd

SETTINGS
LDAP / AD integration
Server
ldaps://192.168.20.10 636
nextcloud@gaul.lan
P@ssw0rd
dc=gaul,dc=lan
Advanced
Connection Settings
Configuration Active CHECK
Turn off SSL certificate validation. CHECK
Directory Settings
2nd User Display Name Field samaccountname
Base User Tree dc=gaul,dc=lan
Base Group Tree dc=gaul,dc=lan
Group-Member association member (AD)
Special Attributes
Email Field userPrincipalname
Users
Edit LDAP Query
(objectclass=*)
Only from these groups:
G_nextcloud
Login Attributes
Edit LDAP Query
(&(|(objectclass=person)(objectclass=user))(|(samaccountname=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))))
Groups
Edit LDAP Query
(&(|(objectclass=group))(|(cn=G_Nextcloud)))

added 2 settings (cursive)
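
An added example, not part of any post in this thread and not Nextcloud's own code: a small Python check for the two conditions the log warnings above report (empty login filter, missing %uid placeholder), plus substitution of %uid with RFC 4515 escaping so a login name is matched literally. The function names are hypothetical; the filter is the one from the notes above.

```python
# Added example: the function names are hypothetical, not Nextcloud's API.

# Login filter copied from the notes above.
LOGIN_FILTER = (
    "(&(|(objectclass=person)(objectclass=user))"
    "(|(samaccountname=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))))"
)

# RFC 4515: characters that must be written as \XX inside a filter value.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}


def escape_value(value):
    """Escape a login name so it is matched literally inside a filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def check_login_filter(flt):
    """Return a list of problems found in a login filter template."""
    if not flt.strip():
        return ["no login filter given"]
    problems = []
    if "%uid" not in flt:
        problems.append("login filter does not contain %uid placeholder")
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:  # a ")" appeared before its "("
            break
    if depth != 0:
        problems.append("unbalanced parentheses")
    return problems


def render(flt, login):
    """Build the filter for one login attempt from the template."""
    return flt.replace("%uid", escape_value(login))


if __name__ == "__main__":
    for name, flt in [("empty", ""), ("no placeholder", "(objectclass=user)"),
                      ("from notes", LOGIN_FILTER)]:
        print(name, "->", check_login_filter(flt) or "ok")
    # Constructed login name containing filter metacharacters.
    print(render("(samaccountname=%uid)", "o(brien)*"))
```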